Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Java reflect give poor performance on getter setter an constructor calls, accessors-smart use ASM to speed up those calls.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/minidev/accessors-smart/2.6.0/accessors-smart-2.6.0.jar MD5: 0ad72639eea293193f68898da9b0b902 SHA1: 2d96f1d9b6ab7f13261aa81b15703574185747a0 SHA256:222c9f547bb20a99fc486403a398352d1306fb671b38abd7ecab6401df170e61 Referenced In Project/Scope: psi-probe-rest:compile accessors-smart-2.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.minidev/json-smart@2.6.0
File Path: /home/runner/.m2/repository/org/eclipse/angus/angus-activation/2.0.3/angus-activation-2.0.3.jar MD5: ad20392145690b36b4f950fe31a31a2a SHA1: 7f80607ea5014fef0b1779e6c33d63a88a45a563 SHA256:a6bd35c538cf90fff941ad6258c40c08fca0b5c9c3f536c657114f27ce0527a7 Referenced In Project/Scope: psi-probe-rest:compile angus-activation-2.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
ASM, a very small and fast Java bytecode manipulation framework
License:
BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.7.1/asm-9.7.1.jar MD5: e2cdd32d198ad31427d298eee9d39d8d SHA1: f0ed132a49244b042cd0e15702ab9f2ce3cc8436 SHA256:8cadd43ac5eb6d09de05faecca38b917a040bb9139c7edeb4cc81c740b713281 Referenced In Project/Scope: psi-probe-rest:compile asm-9.7.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/net.minidev/json-smart@2.6.0
Evidence
Type
Source
Name
Value
Confidence
Vendor
file
name
asm
High
Vendor
jar
package name
asm
Highest
Vendor
jar
package name
objectweb
Highest
Vendor
Manifest
bundle-docurl
http://asm.ow2.org
Low
Vendor
Manifest
bundle-requiredexecutionenvironment
J2SE-1.5
Low
Vendor
Manifest
bundle-symbolicname
org.objectweb.asm
Medium
Vendor
pom
artifactid
asm
Highest
Vendor
pom
artifactid
asm
Low
Vendor
pom
developer email
ebruneton@free.fr
Low
Vendor
pom
developer email
eu@javatx.org
Low
Vendor
pom
developer email
forax@univ-mlv.fr
Low
Vendor
pom
developer id
ebruneton
Medium
Vendor
pom
developer id
eu
Medium
Vendor
pom
developer id
forax
Medium
Vendor
pom
developer name
Eric Bruneton
Medium
Vendor
pom
developer name
Eugene Kuleshov
Medium
Vendor
pom
developer name
Remi Forax
Medium
Vendor
pom
groupid
org.ow2.asm
Highest
Vendor
pom
name
asm
High
Vendor
pom
organization name
OW2
High
Vendor
pom
organization url
http://www.ow2.org/
Medium
Vendor
pom
parent-artifactid
ow2
Low
Vendor
pom
parent-groupid
org.ow2
Medium
Vendor
pom
url
http://asm.ow2.io/
Highest
Product
file
name
asm
High
Product
jar
package name
asm
Highest
Product
jar
package name
objectweb
Highest
Product
Manifest
bundle-docurl
http://asm.ow2.org
Low
Product
Manifest
Bundle-Name
org.objectweb.asm
Medium
Product
Manifest
bundle-requiredexecutionenvironment
J2SE-1.5
Low
Product
Manifest
bundle-symbolicname
org.objectweb.asm
Medium
Product
Manifest
Implementation-Title
ASM, a very small and fast Java bytecode manipulation framework
High
Product
pom
artifactid
asm
Highest
Product
pom
developer email
ebruneton@free.fr
Low
Product
pom
developer email
eu@javatx.org
Low
Product
pom
developer email
forax@univ-mlv.fr
Low
Product
pom
developer id
ebruneton
Low
Product
pom
developer id
eu
Low
Product
pom
developer id
forax
Low
Product
pom
developer name
Eric Bruneton
Low
Product
pom
developer name
Eugene Kuleshov
Low
Product
pom
developer name
Remi Forax
Low
Product
pom
groupid
org.ow2.asm
Highest
Product
pom
name
asm
High
Product
pom
organization name
OW2
Low
Product
pom
organization url
http://www.ow2.org/
Low
Product
pom
parent-artifactid
ow2
Medium
Product
pom
parent-groupid
org.ow2
Medium
Product
pom
url
http://asm.ow2.io/
Medium
Version
file
version
9.7.1
High
Version
Manifest
Bundle-Version
9.7.1
High
Version
Manifest
Implementation-Version
9.7.1
High
Version
pom
parent-version
9.7.1
Low
Version
pom
version
9.7.1
Highest
Identifiers
pkg:maven/org.ow2.asm/asm@9.7.1 (Confidence:High)
commons-logging-1.3.5.jar
Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well-known logging systems.
File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar MD5: 9ca067b073153c86c2da350c0f2cdf70 SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1 SHA256:6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4 Referenced In Project/Scope: psi-probe-rest:compile commons-logging-1.3.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.42.0/error_prone_annotations-2.42.0.jar MD5: 27a54b790cf5121be1982b585870154d SHA1: 57a3eddaddd4f2d412e13d3bcefba29b5ebda1b6 SHA256:f282a6488838986b8033bd51888928cff6a59c1050426476553ed2622b89e510 Referenced In Project/Scope: psi-probe-rest:provided error_prone_annotations-2.42.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/3.1/j2objc-annotations-3.1.jar MD5: abe8bd3abff622b9a8b15c3a737aa741 SHA1: a892ca9507839bbdb900d64310ac98256cab992f SHA256:84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b Referenced In Project/Scope: psi-probe-rest:provided j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
File Path: /home/runner/.m2/repository/jakarta/activation/jakarta.activation-api/2.1.4/jakarta.activation-api-2.1.4.jar MD5: bc1602eee7bc61a0b86f14bbbb0cc794 SHA1: 9e5c2a0d75dde71a0bedc4dbdbe47b78a5dc50f8 SHA256:c9db52100ce6c8aac95cc39075f95720d2e561b11f8051b81c121ad4effd7004 Referenced In Project/Scope: psi-probe-rest:compile jakarta.activation-api-2.1.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/jayway/jsonpath/json-path/2.9.0/json-path-2.9.0.jar MD5: e89678d2e4ff45e4f39a97ccd0223719 SHA1: 37fe2217f577b0b68b18e62c4d17a8858ecf9b69 SHA256:11a9ee6f88bb31f1450108d1cf6441377dec84aca075eb6bb2343be157575bea Referenced In Project/Scope: psi-probe-rest:compile json-path-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/minidev/json-smart/2.6.0/json-smart-2.6.0.jar MD5: fde8981f31c3b972355a5adf26a9ec65 SHA1: 5f858a43a325a8673da6869ab2bc787a1bcb2244 SHA256:1ae4b561458afb540be8ec5c6dbb4f2e715a319a7ae64854998aaf924770d61b Referenced In Project/Scope: psi-probe-rest:compile json-smart-2.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar MD5: dd83accb899363c32b07d7a1b2e4ce40 SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7 Referenced In Project/Scope: psi-probe-rest:provided jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/io/micrometer/micrometer-commons/1.14.12/micrometer-commons-1.14.12.jar MD5: 73d02817a01558776dbc5a43b1774add SHA1: 86459b0c760a1ab5fc17da330203f25ba36f642b SHA256:83408660d54149650da3658fa65b055158115ac91c900b3812022e1a24a35483 Referenced In Project/Scope: psi-probe-rest:compile micrometer-commons-1.14.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/io/micrometer/micrometer-observation/1.14.12/micrometer-observation-1.14.12.jar MD5: 8b63abb3fb62f7ff52f3f20f5f3c7b86 SHA1: 5e20ee1facc4414938f57d6546b3dbd94c10b642 SHA256:430be17d568533f3bb4234d1a7ab3018509967c582c2212770e81bcf933a99b8 Referenced In Project/Scope: psi-probe-rest:compile micrometer-observation-1.14.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1
File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar MD5: b6480d114a23683498ac3f746f959d2f SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832 Referenced In Project/Scope: psi-probe-rest:compile slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.9.8/spotbugs-annotations-4.9.8.jar MD5: d4c2e7bd090be697ad409a4e75684a94 SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73 SHA256:6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c Referenced In Project/Scope: psi-probe-rest:provided spotbugs-annotations-4.9.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-core/6.2.12/spring-core-6.2.12.jar MD5: 5495c7d311d73ddaf6fdf3d198b7bab1 SHA1: 298bd954610442d54b276f911d3490372ab62117 SHA256:bddc5a5be2d94191ebcfbadc672fa4d81e6ab51e38a9eaf41d5d035cb17548d4 Referenced In Project/Scope: psi-probe-rest:compile spring-core-6.2.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1
Library to support implementing representations for
hyper-text driven REST web services.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/hateoas/spring-hateoas/2.5.1/spring-hateoas-2.5.1.jar MD5: 2d5642542ef1527f434de00329bd02b9 SHA1: 8d01e1a635fd5be08f7c277fe3284aa7ed1568c4 SHA256:5f8c303a42253b05329cb8141b4c6d2795253adb2e51d788210f882586103f4e Referenced In Project/Scope: psi-probe-rest:compile spring-hateoas-2.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.psi-probe/psi-probe-rest@5.3.1-SNAPSHOT
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/plugin/spring-plugin-core/3.0.0/spring-plugin-core-3.0.0.jar MD5: d29a8f831dfe90d150ab694489f2e7c2 SHA1: d56aa02dd7272dca30aa598dc8b72e823227046a SHA256:edf72d44b9cf1199cc783d620f5f86df82fb378521dac313540086e6c3c66ff0 Referenced In Project/Scope: psi-probe-rest:compile spring-plugin-core-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-web/6.2.12/spring-web-6.2.12.jar MD5: 2bf493d1c575cb1b7b9cc62555fd010e SHA1: 58bdd67728631b561a8b9cf4249a0d990bb3ef88 SHA256:caff724ebb7c423696e1d2c7690245fbbafe218695b3a4479faa668af0400e6d Referenced In Project/Scope: psi-probe-rest:compile spring-web-6.2.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.hateoas/spring-hateoas@2.5.1